This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/y2Yw6-Xzss6T6oXyrYGmZ001q9U.roa File: y2Yw6-Xzss6T6oXyrYGmZ001q9U.roa (raw, json) Hash identifier: d8IrU4kU0qWnxL1m5NsiZ0ByNC3CpvcAWEyIv/Y47HA= Subject key identifier: CB:66:30:EB:E5:F3:B2:CE:93:EA:85:F2:AD:81:A6:67:4D:35:AB:D5 Certificate issuer: /CN=fb723706d0e83758ba52138e9db4207b5a5c189c Certificate serial: 019B7D5CB7D1E3D2A9FD944475DBFBD10A54 Authority key identifier: FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/y2Yw6-Xzss6T6oXyrYGmZ001q9U.roa Signing time: Fri 02 Jan 2026 06:19:46 +0000 ROA not before: Fri 02 Jan 2026 06:19:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48345 IP address blocks: 91.223.220.0/24 maxlen: 24 91.234.215.0/24 maxlen: 24 94.232.112.0/21 maxlen: 21 185.168.168.0/24 maxlen: 24 185.168.169.0/24 maxlen: 24 2001:67c:174::/48 maxlen: 48 2001:67c:15b8::/48 maxlen: 48 2001:67c:28d8::/48 maxlen: 48 2a0e:d340::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.mft rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 15:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:b7:d1:e3:d2:a9:fd:94:44:75:db:fb:d1:0a:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fb723706d0e83758ba52138e9db4207b5a5c189c Validity Not Before: Jan 2 06:19:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cb6630ebe5f3b2ce93ea85f2ad81a6674d35abd5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9e:ea:10:a5:9d:ab:e0:86:31:3d:d3:c4:3d: 25:18:bc:85:1c:57:6a:f5:74:9e:47:33:4a:31:aa: 89:e5:c2:73:af:ca:52:8b:af:63:d2:40:70:ce:ae: 10:cf:c3:03:5a:3f:e1:7c:8d:08:42:28:44:83:5f: 27:a6:c9:73:ce:af:a6:90:03:61:d4:43:03:ef:ea: 6a:fe:d3:21:62:71:01:97:07:03:64:fc:44:15:4d: 14:13:55:61:a3:b4:06:cb:3f:d1:67:4b:21:d7:81: 11:83:56:e4:d1:8d:25:50:75:b2:57:8d:10:ae:a4: fb:f7:ca:2d:00:a2:96:53:3e:65:39:0d:cc:11:b4: 01:f3:8a:fe:b0:5c:7e:b9:c9:23:f8:f9:6f:23:a6: 6a:93:84:fc:52:40:9c:e8:01:0f:69:1b:29:db:c8: cf:a4:26:1c:e7:58:cc:a7:b8:b0:70:d1:d0:20:ef: 9e:92:46:60:e9:8f:de:02:82:47:ad:55:4a:49:39: 51:83:f2:06:84:4a:c6:91:46:84:ca:f7:6e:32:fe: 08:97:e4:bd:84:0d:f1:46:3a:6a:e3:e1:2d:ba:73: 45:c3:fd:ad:b4:d5:e9:4e:ee:f8:20:a1:0b:46:84: be:4e:0c:c8:45:ea:9c:28:57:f0:c8:9f:d7:a4:72: f7:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:66:30:EB:E5:F3:B2:CE:93:EA:85:F2:AD:81:A6:67:4D:35:AB:D5 X509v3 Authority Key Identifier: keyid:FB:72:37:06:D0:E8:37:58:BA:52:13:8E:9D:B4:20:7B:5A:5C:18:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3I3BtDoN1i6UhOOnbQge1pcGJw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/y2Yw6-Xzss6T6oXyrYGmZ001q9U.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/59/cfac31-8356-432d-a34d-b614361196fd/1/1-3I3BtDoN1i6UhOOnbQge1pcGJw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.220.0/24 91.234.215.0/24 94.232.112.0/21 185.168.168.0/23 IPv6: 2001:67c:174::/48 2001:67c:15b8::/48 2001:67c:28d8::/48 2a0e:d340::/48 Signature Algorithm: sha256WithRSAEncryption 59:f0:ad:49:59:19:0c:7e:96:37:f7:01:53:52:49:90:66:72: b5:e3:3e:f0:68:e9:38:3d:d7:f3:d7:72:0b:e4:1b:09:57:86: 10:f0:ad:19:a5:53:1e:16:6f:8f:5a:d6:52:31:26:11:49:42: fb:83:ee:b4:0a:6b:a1:34:39:37:9f:b5:0f:86:3a:7c:05:f8: f6:28:64:99:1d:44:21:dd:46:f9:f6:95:4f:de:90:a9:09:86: 74:fa:3f:a1:34:6e:c9:92:34:15:80:20:fa:ca:ce:73:a6:82: 46:dd:71:eb:c4:61:bc:d6:67:a1:46:1f:38:d5:43:14:75:68: 29:fc:a0:2f:8a:73:45:b6:a3:82:d5:5d:95:bf:b7:b5:78:03: 1c:24:9a:6d:cc:40:f5:08:4e:c6:b0:d7:2f:d0:f1:b7:26:92: e0:af:4d:da:9b:3f:5d:83:88:62:4a:b5:1d:47:a8:69:e1:e4: 64:24:a4:04:9f:81:92:3f:5c:1b:58:cd:d2:90:83:79:4b:48: e5:9d:e6:19:a5:7c:4d:58:61:e5:b6:98:e4:2d:8a:bf:1a:05: c7:9d:04:c2:84:47:53:ca:8d:fb:b1:9c:1f:d6:82:32:ee:8a: 86:e5:e8:b2:cf:d6:87:b8:3d:be:2e:08:1b:37:1d:f0:2f:15: e1:98:8b:ec -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgISAZt9XLfR49Kp/ZREddv70QpUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZiNzIzNzA2ZDBlODM3NThiYTUyMTM4ZTlkYjQyMDdiNWE1 YzE4OWMwHhcNMjYwMTAyMDYxOTQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYjY2MzBlYmU1ZjNiMmNlOTNlYTg1ZjJhZDgxYTY2NzRkMzVhYmQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu57qEKWdq+CGMT3TxD0lGLyFHFdq 9XSeRzNKMaqJ5cJzr8pSi69j0kBwzq4Qz8MDWj/hfI0IQihEg18npslzzq+mkANh 1EMD7+pq/tMhYnEBlwcDZPxEFU0UE1Vho7QGyz/RZ0sh14ERg1bk0Y0lUHWyV40Q rqT798otAKKWUz5lOQ3MEbQB84r+sFx+uckj+PlvI6Zqk4T8UkCc6AEPaRsp28jP pCYc51jMp7iwcNHQIO+ekkZg6Y/eAoJHrVVKSTlRg/IGhErGkUaEyvduMv4Il+S9 hA3xRjpq4+EtunNFw/2ttNXpTu74IKELRoS+TgzIReqcKFfwyJ/XpHL3yQIDAQAB o4ICSTCCAkUwHQYDVR0OBBYEFMtmMOvl87LOk+qF8q2BpmdNNavVMB8GA1UdIwQY MBaAFPtyNwbQ6DdYulITjp20IHtaXBicMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS0zSTNCdERvTjFpNlVoT09uYlFnZTFwY0dKdy5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRk LWI2MTQzNjExOTZmZC8xL3kyWXc2LVh6c3M2VDZvWHlyWUdtWjAwMXE5VS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNTkvY2ZhYzMxLTgzNTYtNDMyZC1hMzRkLWI2MTQzNjExOTZm ZC8xLzEtM0kzQnREb04xaTZVaE9PbmJRZ2UxcGNHSncuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwXQYIKwYBBQUHAQcBAf8ETjBMMB4EAgABMBgDBABb39wD BABb6tcDBANe6HADBAG5qKgwKgQCAAIwJAMHACABBnwBdAMHACABBnwVuAMHACAB Bnwo2AMHACoO00AAADANBgkqhkiG9w0BAQsFAAOCAQEAWfCtSVkZDH6WN/cBU1JJ kGZyteM+8GjpOD3X89dyC+QbCVeGEPCtGaVTHhZvj1rWUjEmEUlC+4PutAproTQ5 N5+1D4Y6fAX49ihkmR1EId1G+faVT96QqQmGdPo/oTRuyZI0FYAg+srOc6aCRt1x 68RhvNZnoUYfONVDFHVoKfygL4pzRbajgtVdlb+3tXgDHCSabcxA9QhOxrDXL9Dx tyaS4K9N2ps/XYOIYkq1HUeoaeHkZCSkBJ+Bkj9cG1jN0pCDeUtI5Z3mGaV8TVhh 5baY5C2KvxoFx50EwoRHU8qN+7GcH9aCMu6KhuXoss/Wh7g9vi4IGzcd8C8V4ZiL 7A== -----END CERTIFICATE-----Generated at Mon Jan 12 01:22:22 2026 by rpki-client